In OWASP AntiSamy prior to 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. The impact is XSS.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
antisamy project antisamy |